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Abstract 

We study a new proof principle in the context of constructive Zermelo- 
Fraenkel set theory based on what we will call "non-deterministic induc- 
tive definitions". We give applications to formal topology as well as a 
predicative justification of this principle. 



1 Introduction 

There is a distinctive foundational stance that has sometimes been called "gen- 
eralised predicativity" , which is characterised by a rejection of impredicative 
definitions combined with an acceptance of a wide variety of inductively de- 
fined sets. The system which expresses this philosophy in its purest form is 
Martin-Lof's type theory [13] . 

Martin-L6f 's type theory is intended to be an open-ended framework and, as 
a consequence, comes in different versions of varying strength. For the purposes 
of this paper, the relevant system is the theory MLivpV from [IT] and [IS], with 
one iterative universe closed under W-types and with the "extensional" rules 
for the identity types, as in [13J . (We believe the arguments in this paper still 
go through if one works with the intensional identity types and the axiom of 
function extensionality. It is unclear to us what happens when we drop function 
extensionality.) Occasionally, we will also consider the system MLiV, where 
we drop the requirement that the iterative universe it is closed under W-types. 

Working in MLnyV is hard, however, for several reasons: the syntax is 
unfamiliar and complicated, and it lacks extensional constructs (like quotient 
types). For this reason, people have sought systems which are easier to work 
with, but can still be interpreted in type theory. The most prominent among 
them is Peter Aczel's constructive set theory CZF [3(7]. 
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But constructive set theory has some difficulties in catching up on the type 
theory, for there are some mathematical results, especially in what is called 
formal topology, which can be proved in MLijyV, but not in CZF. Formal 
topology is a particular approach to the subject of topology, which, by taking 
the notion of a basis as the starting point, can be developed in a way which is 
acceptable from the generalised predicative point of view. It should be one of 
features of CZF that it can act as a set-theoretic foundation for formal topology, 
but it does not quite live up to that. 

The first problem one encounters is that formal topology makes heavy use of 
inductive definitions, but CZF is unable to prove that these generate sets. This 
was remedied early on by Peter Aczel, when he introduced the Regular Exten- 
sion Axiom REA [3]. CZF + REA can still be interpreted in ML W V and 
allows one to prove the existence of a wide variety of inductively generated sets. 
An alternative solution (the combination of WS and AMC) was proposed by 
the author together with Ieke Moerdijk [5]. Indeed, in both extensions of CZF 
one can prove the Set Compactness Theorem, which allows one to prove that 
every inductively generated formal space is set-presented, which is an important 
fact in formal topology. 

But, unfortunately, it seems that CZF + REA and CZF + WS + AMC 
are still not capable of capturing all the desired results in formal topology. 
In particular, people have not managed to prove in these systems Palmgren's 
results from [16l HZ| on points and coequalizers of formal spaces (see Section 5 
below) . We do not have a proof that this is impossible (although we are inclined 
to think that it is). 

In the meantime, various people have attempted to find set-theoretic prin- 
ciples which would allow one to prove these other results. The subject of this 
paper is the author's proposal for such a principle, which he has dubbed NID, 
for "non-deterministic inductive definitions" . The contention is that the NID 
principle provides an elegant and relatively simple solution to proving all the 
additional results in formal topology which go beyond these frameworks. More- 
over, the principle is acceptable from a generalised predicative point of view, 
because it is valid under the type-theoretic interpretation of CZF in MLi^V 
(this will be proved in Section 6). Another proposal is due to Aczel, Ishihara, 
Nemoto and Sangu (see [6]) and we compare our proposals in Section 7 of this 
paper. 

The contents of this paper are therefore as follows: in Section 2 we formulate 
the NID principle and in Section 3 we prove some first applications, especially 
to inductive and coinductive types. To get a more streamlined presentation of 
applications of NID to formal topology, it turns out to be helpful to have a 
formulation of the NID principle in terms of logic (an idea of Peter Aczel). This 
reformulation we will develop in Section 4. In Section 5, then, we proceed to 
develop the applications of the NID principle to formal topology. After that, in 
Section 6, we will show that the NID principle is validated by the interpretation 
of CZF in Martin-Lof's type theory with one inductive universe closed under 
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W-types. This section was inspired by earlier work by Aczel [5] and unpublished 
notes by Ishihara. After that, in Section 7, we will compare our work with the 
preprint [5] . Finally, we end this paper with formulating several questions which 
have been left open in this paper. 

The author would like to thank Hajime Ishihara for showing him some early 
drafts of [6] and for very useful and enjoyable discussions, also with Erik Palm- 
gren, during the author's stay at the Institut Mittag-Leffler in Fall 2009. He 
is also grateful to the Institut for awarding him a fellowship, as well as to the 
referees for useful comments. 



We work in CZF, unless expressly indicated otherwise. 

Remark 2.1 Throughout this paper we will call a set A finite, if there is a 
natural number n £ N and a surjection {1, . . . , n} — > A. Such sets have also been 
called K-finite (for Kuratowski-hnite) or finitely enumerable to distinguish them 
from other constructive notions of finiteness. An important and useful property 
of these K-finite sets is that the collection Finpow(A) of K-finite subsets of a 
set A can be proved to be a set in CZF. 

We will write Pow(A) for the collection of all subsets of a set A. Of course, 
this cannot be proved to be a set in CZF. 

Definition 2.2 Let X be any set. By a rule on X, we will mean a pair (a, 6) 
with a and b subsets of X. A rule is called elementary if a is a singleton and 
finitary if a is finite. If b is a singleton, the rule will be called deterministic. A 
subset ycXis closed under the rule (a, b), if 



Recall that b § Y is Sambin's notation for: the intersection of b and Y is 
inhabited. Therefore the intuitive meaning of a rule (a, b) is: if all elements of 
a belong to the set, then at least one element from b should belong to the set. 
Finally, if 1Z is a set of rules on A, we will call a subset Y C X 7?.-closed, if it 
is closed under all rules in 1Z, and write C1os-r,(A) for the class consisting of all 
7?.-closed subsets of X. 

Example 2.3 An example of a non-deterministic inductive definition is the 
notion of a prime ideal in a unital, commutative ring. For if A is a commutative 
ring with 1, then a prime ideal is a subset P C A which is closed under the 
following rules: 



2 The NID principle 



{r + s} 



r,s e A 



{rs} 



W 



r, s e A 



{r,s} 



{rs} 



r,s e A 



ill 
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Definition 2.4 A subclass M of Pow(X), where X is a set, will be called set- 
generated, if there is a subset G of M such that 

(Va G M) a = (J {/3 G G : f3 C a}, 

or, cquivalently, 

(Va G M) (Va G a) (3/3 G G) a G /3 C a. 

Remark 2.5 Compare the notion of a set-generated frame: a frame X is set- 
generated if there is a subset G C X such that 

x = \f {geG: g<x} 

for every x E X . 

The NID principle now reads: 

NID principle: For any set X and set of rules 1Z on X , the class 
CIosk(X) is set-generated. 

Weaker principles can be obtained by requiring all the rules in 1Z to be elemen- 
tary or Unitary: these will be called the elementary and unitary NID principle, 
respectively. Clearly, NID implies Unitary NID implies elementary NID. 

Example 2.6 Hence finitary NID implies that the class of prime ideals in a 
commutative ring with unit is set-generated. 

Remark 2.7 Note that C\osn{X) can be proved to be a set using the Powerset 
and Full Separation axioms. Therefore the NID principle is provable in IZF. 

3 First applications 

In this section we give some applications of the NID principle. The first is a bit 
of a curiosity: it says that Fullness is a consequence of elementary NID (over 
CZF , which is CZF minus the Subset collection axiom). 

Proposition 3.1 In CZF~ ; elementary NID implies Fullness. 

Proof. Recall that Fullness is the statement that for any two sets A and B 
there is a set S of total relations from A to B such that every total relation is 
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refined by (i.e., contains) one in this set S. Therefore consider sets A and B 
and consider the following set of non-deterministic rules onl + A + 4xB: 



{*} , {«} 

{a} {{a 1 b):b£B} 

If I generates the closed sets for this elementary non-deterministic inductive 
definition, then J — {I P\ A X B : I £ I, * G 7} is a full set of total relations 
from A to B. For if R is a total relation from A to B, then 1 + A + R is a 
subset ofl + A + AxS closed under the non-deterministic rules. So there is an 
element I el with * e I and J C 1 + A + R. Then we have for J = 7 n A x B 
that J C R and J £ J. □ 



The results below show that elementary NID is especially useful for proving 
statements related to coinductive types and bisimulation. One problem which 
elementary NID solves is the following: when one tries to show the consistency 
of the Anti- Foundation Axiom in CZF along the lines of Aczel's book [4], one 
has to show that the bisimularity relation is Ao (or that the statement that two 
graphs are bisimular "has a small truth- value" ) . Proving this in CZF seems 
to be hard, if not impossible. But one can readily prove this in CZF extended 
with elementary NID: 



Proposition 3.2 If (A,R) and (B,S) are two graphs, then elementary NID 
implies that the class of bisimulations from (A, R) to (B, S) is set- generated. 
Therefore it also implies that the statement that (A, R) and (B, S) are bisimular 
is equivalent to a bounded (or Aq-) formula. 



Proof. Recall that K C A x B is a bisimulation, if the following two statements 
hold: 



• whenever (a, b) G K and (a, a') G R, there is a b 1 £ B such that (a', b') 6 K 
and (6, b') £ S, and 

• whenever (a, b) £ K and (6, b') £ S, there is an a' £ A such that (a', b') £ 
K and (a, a') £ R. 



Therefore a bisimulation K is nothing but a closed subset of A x B for the 
following non-deterministic inductive definition: 

(a,a')ei? , (&,&') £ S 



{(a', &') : (6, 6') G 5} v ' ' {(a', 6') : (a, a') G i?} 

Since this non-deterministic inductive definition consists of elementary rules, 
the statement of the proposition follows. □ 
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Proposition 3.3 If TZ is a (elementary, finitary) non- deterministic inductive 
definition on a set X, then (elementary, finitary) NID implies that there is a 
set T of IZ-closed subsets of X which is full: for every IZ-closed subset A of 
X , there is an element F G T such that A C F. Hence NID implies that the 
minimal IZ-closed subsets of X form a set. 



Proof. Suppose TZ is a non-deterministic inductive definition on a set X. If * is 
an element not in X, then TZ can also be considered as a non-deterministic induc- 
tive definition onlU{*}. Assume that Q generates for this non-deterministic 
inductive definition onlU{*}. Then let 

T = {F - {*} : F G g, * G F} C Clos^(A). 

The set T is full, because if A is an 7^-closed subset of X, then Au{*} is an 
7?.-closcd subset of X U {*}. So there is an element F G Q with * G F and 
F C A U {*}. Hence A D F - {*} G T. 

Because T is full, 

M = {A G T: (VF e T) (F C A => F = A)} 

is the collection of all minimal 7\L-closed sets, which is a set by bounded separa- 
tion. □ 



Definition 3.4 Let /: B — > A be a function. The polynomial functor Pf asso- 
ciated to / is defined on sets as 



and on functions as 



P f (X) = {(aeA,t:f- 1 (a)^X)}, 



Pf(a)(a, t) = (a, at). 



A Pf -algebra is a set X together with function t: Pf(X ) — > X. A morphism 
of Pf -algebras (X,s) — > (Y,t) is a function a: X — > Y such that the following 
diagram commutes: 

Pf(a) 

Pf(X)^4Pf(Y) 



X 



-s- r. 



The initial P/-algebra, if it exists, is the W-type associated to /. The dual 
notions are that of a Pf-coalgebra and an M-type associated to /. 



In an impredicative metatheory such as IZF one can prove the existence of 
W- and M-types. Indeed, if /: B — V A is a function, then the M-type can be 
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constructed as the collection of trees, with nodes labelled by elements a G A 
and edges labelled by elements b G B, in such a way that / _1 (a) enumerates 
the edges pointing towards a node labelled by a G A. The following picture 
hopefully conveys the idea: 



• a • • • 

f~\a) = 
/-!(&) - {u,v} 

/ _1 ( c ) = {x,y,z} 

c 

If Mf is this collection of trees, the coalgebra morphism u: Mf — > Pf(Mf) takes 
a tree and sends it to the pair (a, t), where a is the label of the root of the tree 
and t is the function sending an element b G / _1 (a) to the tree attached to the 
unique edge into the root with label b. 

The W-type Wj associated to / consists of those trees in Mf that are well- 
founded. In that case, the algebra morphism sup: Pf(Wf) — > Wj is the operation 
which takes an element a G A and a function t: / _1 (a) — > Wf and creates the 
tree whose root is labelled by a and with the tree t(b) attached to the edge into 
the root with label b G / _1 (a). (For more on W- and M-types, see fL4l 18].) 

As said, both objects can be constructed inside IZF: the M-type can be 
built by regarding trees as suitable collections of paths (ao, b$, ai, b\, 02, ... , a n ) 
with ai G A,bi G B and = a, for all i < n. The W-type can then be 

built by selecting the trees in the M-type that are well-founded, or as the least 
P/-subalgebra of u -1 : Pf(Mf) — >■ Mf. As these constructions make use of the 
power set axiom, it is not at all clear whether M- and W-types can be shown to 
exist within CZF. But with the NID principle we can, as we will now show. 

Theorem 3.5 Elementary NID implies that all M-types exist. 

Proof. We try to mimick the impredicative construction explained above. 

Let /: B — > A be a function and let P be the collection of paths of odd length 
of the form (ao, bo, a±,bi, 02, . . . , a n ) such that 

1. every at belongs to A, 

2. every bi belongs to B and 

3. for every i < n, we have /(&;) = ft;. 

Consider the following non-deterministic inductive definition 1Z on P: 

W= (a ,b ,...,a n )} 

{(a):ftG^} {cr * (b,a) :a E A} 1 {(Xn ' 
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Let M. be the collection of those 72.-closed subsets to C P such that 

1. there is a unique a £ A such that (a) £ to, 

2. (Vct = (a ,bo, ■ ■ -,a n ) G ™) (V6 G / _1 (a„)) (3!o 6 A) cr * (6, a) e m, 

3. to is closed under initial segments. 

Elementary NID can used to justify the claim that M. is a set, as follows. Note 
that every such meM must be minimal: if A C to is also 7\L-closed, then one 
proves 

(Ver GP)o-em^-o'eA 

by induction on the length of a. Elementary NID implies that the minimal 1Z- 
closed subsets of X form a set (see Proposition I3.3p . so M. is a set by bounded 
separation. 

Claim: M is a P/-coalgebra. Proof: Let m £ A4. By 1, there is a unique 
element a £ A such that (a) £ A. Then define for every b £ B a , 

t(b) = {cr £ P: (a,b)*<7 £ m}. 

Obviously, t(b) £ M, so we have defined an operation u: M. — > P/(A^). 

Claim: is the final P^-coalgebra. Proof: let v. X — > Pf(X) be a P/-coalgebra 
and let i^: X — > A be composition of v with the projection on the first coordi- 
nate. By a path in X we mean a sequence (xo, bo, x±, . . . , x n ) such that 

1. every Xi belongs to X, 

2. every bi belongs to B and 

3. for every i < n, if v(xi) — (a*, t,-), then /(&;) = a, and Xj+i = t(6i). 

Then define v: X — > M. by saying that 

v(x) — {(ao, bi, at, . . . , a„) £ P : there is a path (xo, b\, X\, . . . , x n ) in X, 
with a; = Xo and V\{xi) — a, t for all i < n}. 

This is clearly well-defined and the unique P/-coalgebra morphism from X to 
M. □ 

Full NID can be used to prove that all W-types exist. This will follow from 
the previous result together with: 

Proposition 3.6 Let 1Z be a deterministic inductive definition on a set X. 
Then NID implies that the IZ-closed subsets of X are set-generated and there is 
a least IZ-closed subset of X. 
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Proof. Suppose 1Z is a deterministic inductive definition on a set X. Clearly, 
NID implies that the 7^-closed subsets of X are set-generated. Suppose * is 
an element not in X and write X* = X U {*} and 7£* = 1Z U {(0, {*})}■ The 
7^»-closed subsets of X* are closed under small intersections, so if G* generates 
the 7?.*-closed subsets of X*, then f] Q* is the least 7^*-closed subset of X*. For 
if A is 7^*-closed, then * G A and therefore there is a G £ 5* such that * 6 G 
and G C A Then f| & C G C A Now M = f| 0* - {*} is the least ^-closed 
subset of X. For if A C X is 72.-closed, then A U {*} C X* is 72.*-closed, and 
therefore f| C A U {*}. □ 



Theorem 3.7 NID implies that all W-types exist. 

Proof. Again, we try to mimick the impredicative construction explained 
above. 



Let /: B — > A be a function. We have shown in Theorem 13.51 that elementary 
NID implies that the corresponding M-type u: Ai — > Pf(Ai) exists. By Lam- 
bek's lemma, u is an isomorphism, so has an inverse, which we will call sup. 
Then consider the following deterministic inductive definition on A4: 

{t(b) :beB a \ 

±±j aeA,t:B a ^M 

{sup a i} 

By Proposition 13.61 this inductive definition has a least fixed point. This least 
fixed point is the W-type associated to /. □ 



Remark 3.8 We have shown that NID implies that for every (deterministic) 
inductive definition $ on a set X and every subset A of X the class A) 
(the least $-closed subclass of X containing A) is actually a set. What it 
does not seem to imply (at least, we failed to show that it does) is Aczel's Set 
Compactness Theorem [7] : this is the statement that there is a set B of subsets 
of X such that, whenever a e I(&,A) there is a Y G B such that Y C A and 
a e I(*,y). 



4 NID and logic 

For developing the applications of the NID principle to formal topology it will 
be convenient to reformulate this principle using concepts from logic. 



4.1 Propositional case 

In this section we will identify models of a propositional theory (over a set of 
propositional letters P) with subsets of P (where the elements that belong to 
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the subset are precisely those which are true in the model). 



Definition 4.1 Let P be a collection of propositional letters. A game formula 
(over P) is a formula in propositional logic built using propositional letters 
from P and infmitary disjunctions and conjunctions (but no implications and 
negations). A game sequent (over P) is a formula of the form p — > ip where tp 
and tp are game formulae. A game theory (over P) is a set of game sequents. 

An elementary game formula is a game formula in which no infinite con- 
juctions occur. A game formula in which all conjunctions are finite is called 
a finitary game formula. An elementary (finitary) game sequent is a game se- 
quent tp — > ip in which the hypothesis tp is elementary (finitary). A collection 
of elementary (finitary) game sequents is called an elementary (finitary) game 
theory. 

Theorem 4.2 Full NID implies that class of models of an (elementary, fini- 
tary) game theory T over a set of propositional letters P is set-generated. The 
same statements holds for elementary (finitary) NID and models of elementary 
(finitary) game theories. 

Proof. Let T be a game theory over a set of propositional letters P and let 
S be the union of P with the collection of subformulae of T. Write S' for the 
collection of all (or all elementary, or all finitary) game formulas in S. We 
consider the following non-deterministic inductive definition on S: 



—r 7 — Aie/ <Pi & S,i &I — — Vie/' 

Wo I {(pi:! el} 



M 

Clearly, if M is a model of T, then {(p £ S : M \= tp] is a closed subset of S. 

Conversely, if A is a closed subset of S, write M = {p <E P : p E X} . Now one 
proves by induction on the build-up of the game formula ip that (1) if ip € S' 
and M \= ip, then tp £ X, and that (2) if tp £ S and p E X, then M \= p. So 
M is model of T, because if tp — > tp £ T, then 

M\=ip=>tp€X=>i/jeX=>M\=ip. 

So if Q is a generating set for the non-deterministic inductive definition, then 
{{p £ P : p £ X}: X £ Q} generates the class of models of T. □ 
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Corollary 4.3 Full NID implies that the minimal models of a game theory T 
over a set of propositional letters P form a set. The same statements holds for 
elementary (finitary) NID and models of elementary (finitary) game theories. 

Corollary 4.4 The statement that for every set of propositional letters and 
game theory T the class of models is set-generated is equivalent to full NID. The 
same statements holds for elementary (finitary) NID and models of elementary 
(finitary) game theories. 

Proof. In view of Theorem l4.21 it suffices to show that the statement implies full 
NID. So suppose X is a set and <I> C Pow(A) x Pow(X) is a non-deterministic 
inductive definition and consider the following propositional theory over X: 

{f\a^\f/3: (a,p) G$}. 

A model of this theory is the same as a $-closed subset of X, so the result 
follows. □ 



4.2 First-order case 

In this subsection we extend the notion of game sequent to first-order logic: 

Definition 4.5 A game formula (over some signature S) is a formula built from 
atomic formulas of the form R(t\, . . . , t n ) with R £ E (but no equalities) using 
infinitary disjunctions and conjunctions and existential and universal quantifi- 
cation (but no implications or negations). A game sequent (over E) is the 
(universal closure) of a formula of the form tp —¥ ip where tp and tp are game 
formulae. A game theory (over E) is a set of game sequents. 

Let E be a signature and TZ a set of relation symbols not occuring in E. We 
will write E' = E L)TZ. Assume moreover that M is a model in the signature E. 
As usual, we will regard M' as a E' -expansion of M, if M' is a E'-model and 
M' \ E = M (where the latter means that M and M' have the same underlying 
set and the interpretation of the symbols belonging to E in M' coincides with 
their interpretation in M). If AW is a collection of E'-expansions of M, we will 
call the E'-expansion Mq with 

R M = (J R M> 

M'eM 

for all R 6 TZ the union of the family M.. 

Theorem 4.6 Full NID is equivalent to the statement: 
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Suppose E and E' are two signatures as above, M is a Yi-model and 
T is a game theory over E'. Then there is a set M. consisting of 
E' -expansions of M which model T such that any E' ' -expansion of 
M modelling T can be obtained as a union of elements from M. 

Proof. (Sketch.) We really only have to prove that full NID implies the state- 
ment, which we do by reducing it to the propositional case. 

First of all, we introduce constants for all elements in M to obtain an extension 
E" of the signature E'. These constants we can then use to eliminate existential 
quantifiers in T in favour of infinite disjunctions and universal quantifiers in 
favour of conjunctions. Writing P for the collection of atomic sentences in the 
signature E", we now have a propositional game theory T" over P. Adding to 
T" all atomic sentences true in M we get a theory T" whose models are really 
E'-structures M' which model T and are such that 

R M C R M ' 

for all relation symbols R in E. Then, if M generates the class of such models, 

M' = {Mo eM: R M = R Mo for all R e E} 
generates the class of E'-expansions modelling T. □ 



Corollary 4.7 Suppose E and E' are two signatures as above, M is a Yi-model 
and T is a game theory over E'. Call a E' -expansion M' of M minimal, if for 
every other E' ' -expansion M" on M for which we have 

R M " C R M ' 

for all R e E', we actually have R M " = R M ' for all R £ E'. Then full NID 
implies that the collection of minimal E' -expansions of M forms a set. 

Example 4.8 To illustrate the usefulness of the last result, consider the follow- 
ing example. Let (P, <) be a partial order. Note that the structure of a linear 
order on P extending < is the same thing as a (<, ~, <) -expansion of (P, <), 
which models the set of Unitary game sequents 





p~p 


p ~ q 


->■ q ~p 


p ~ q A q ~ r 


— > p ~ r 


p<q 


-> p < q 




p < p 


p < q A q < p 


->■ p ~ q 


P <! q A q < r 


— > p < r 


q Ap ~ q f\p<q 


-> P < <?' 
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and for which ~ coincides with the equality on P. Since every such model is 
automatically minimal (in the sense of the previous corollary) by linearity, we 
see that finitary NID implies that the collection of linear order structures on P 
extending < forms a set. 



5 Applications to formal topology 



In this section we will illustrate the power of non-deterministic inductive def- 
initions by applying them to formal topology. This is not the place, however, 
to recap on the development of formal topology in the context of CZF (for 
that, see [5] and [TO])- Therefore this section will not be self-contained and will 
presuppose some familiarity with the basic notions of formal topology. 

Thcorcm l5 . 1 1 and Theorem l5.4l below were originally proved by Erik Palmgren 
in the context of type theory (see [TBJ E]). He used regular universes; we 
prove these results using elementary and finitary NID, showing that the regular 
universes can be avoided (see Corollary 17.41 below) . 

Recall that a point of a formal space (P, Cov) is an inhabited subset a C P 
such that 

(1) a is upwards closed, 

(2) a is downwards directed, 

(3) if S € Cov(a) and a £ a, then S fl a is inhabited. 



Theorem 5.1 Finitary NID implies that the collection of points of a set-presented 
formal space is set-generated. 



Proof. Suppose BCov is a presentation for the formal space (P, Cov). In that 
case a point of the formal space (P, Cov) is nothing but a closed set for the 
following non-deterministic inductive definition: 

TT p - q 7 P^ eP T£ S e BCov (?) 

{q} {r G P : r < p 7 r < q\ lb , 

where ]. S = {r G P: (Els G S) r < s}. Since this non-deterministic inductive 
definition is finitary, the result follows. □ 



Call a formal space flat, if all its points are minimal with respect to the 
inclusion ordering (note that this is equivalent to saying that all its points are 
maximal). Sambin has shown that all regular formal spaces are fiat (see j!9j). 

Corollary 5.2 Finitary NID implies that flat, set-presented formal spaces have 
a set of points. 
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Definition 5.3 A continuous map or a morphism of formal spaces F: (P, Cov) — > 
(Q, Cov') is a relation FCPxQ such that: 

(1) If F(p, q), p' < p and q < q' , then F{p', q'). 

(2) For every q £ Q, the set {p : F(p, g)} is closed under the covering relation. 

(3) For every p £ P there is a a cover S £ Cov(p) such that each p' £ S is 
related via F to some element q' £ Q. 

(4) For every <?o,<7i £ Q and element p £P such that F(p,q ) and F(p,qi), 
there is a cover 5 G Cov(p) such that every p' £ S is related via F to an 
element which is smaller than or equal to both go and qi- 

(5) Whenever F(p, q) and T covers q, there is a sieve S covering p, such that 
every p' £ S is related via -F to some q' £T. 

Theorem 5.4 Elementary NID implies that the category of set-presented for- 
mal spaces has all coequalizers. 

Proof. See Proposition 7.9 in [6]: the key step amounts to showing that the 
class of models of a certain elementary game theory is set-generated. □ 

Remark 5.5 In [T2], Ishihara and Kawai use non-deterministic inductive def- 
initions to show that coequalizers exist in the categories of basic pairs and 
concrete spaces as introduced by Sambin [121 HD] ■ 

The following result is new. 

Theorem 5.6 NID implies that the class of morphisms between two set-presented 
formal spaces is set-generated. 

Proof. Suppose BCov is a presentation for (P, Cov) and BCov' is a presentation 
for (Q, Cov'). Then a continuous morphism F: (P, Cov) — > (Q, Cov') is nothing 
but a collection of propositional letters {F(p, q) : p £ ¥,q £ Q} satisfying the 
following game sequents: 



F(p, q) — > F(p' , q 1 ) for all p' < p and q < q' 
f\F{p,q') -> F(p,q) for aU T G BCov' (q) 



q'GT 



V A V forallpeP 



SGBCov(p) p'GS q'eQ 



F(p,q )AF(p,q 1 ) ^ V/ A V F & ' >4) 



SGBCov(p) p'SS q'<qo,qi 




seBCov(p) p'eS q'er 
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This shows the desired result. 



□ 



6 Justification of the NID principle 

In order to show that the NID principle is acceptable from a generalised- 
predicative perspective, we will show that is validated by Aczel's interpretation 
of CZF in Martin-Lof's type theory as in [TJ [21 13] (provided type theory comes 
equipped with an iterative universe closed under W-types) . As the argument is 
rather complex, we will proceed in several steps. In the Section 6.2 we will give 
a first argument, inspired by Appendix A of [5]; it establishes slightly less than 
what we just claimed, because it requires a strong form of the regular extension 
axiom. In the Section 6.3 we will sharpen this argument to obtain the desired 
result, exploiting ideas that Ishihara used to derive finitary NID in CZF + 
RDC (see Corollary 17.41 below) . But first we collect those properties of Aczel's 
interpretation that we will need for our proofs. 

6.1 Properties of Aczel's interpretation of CZF 

The crucial property of Aczel's interpretation that we will need is that it vali- 
dates the Presentation Axiom PA (see [2J). Recall that a base (or a projective) 
is a set A such that every surjection /: X — >■ A has a section. (It follows from 
the collection axiom that also every surjective map f-.X—tA from a class X to 
a base A is split.) The presentation axiom says that every set is the surjective 
image of a base. 

The presentation axiom immediately has some interesting consequences. 
Call a map g: D —> C a base map, if both its codomain C and all its fibres 
D c = f (c) are bases. 

Lemma 6.1 The presentation axiom PA implies that every map g: B — > A fits 
into a commuting square 



D^B 



h 



(1) 



c 



»A 



V 



such that 



1. p is surjective, 



2. the induced map D — > C x a B is surjective and 



3. h is a base map. 
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Moreover, every such square is a collection square, in that for any a € A and 
any surjection I: E — > B a there is a c 6 C with p{c) — a and a map k: D c — > E 
such that I o k = q c . 

Proof. We just outline the construction. First one applies PA to cover A with 
a base via a map p: C — > A. Applying PA again we see that 

for each c £ C there exists a base D and a cover q: D — >• -B p ( c ) . 

Using the fact that C is a base we find bases D c and covers q c : D c -E> p ( c ) as a 
function of c £ C. This completes the construction. □ 

A more refined analysis shows that the interpretation validates the principle 
that the class of bases is closed under exponentials (see [21 Theorem 3.6]). This 
can be used to show that the following dependent choice principle for W-types 
(see [HJ[T7]) is valid as well. 

Theorem 6.2 Let f:B —¥ A be a base map. Then the interpretation of CZF 
in the type theory MLi^V validates the following dependent choice principle 
for W-types: 

If X is a set and for every a £ A there is a total relation 

Ra C X B « x X, 

then there is a function h: Wf — > X such that for every sup a £ £ Wf 
one has (h o t, h(sup a t)) £ R a . 

It also validates the "relativised" version of this principle where X can be a 
class. 

Proof. Cover X with a base via a map p: Y — >• X. Then we obtain for every 
a £ A a total relation 

S a C Y B ° X Y 

defined by 

(s, y) £ S a <=^ (p o s,p(y)) £ R a . 

Since A, Y and the B a are bases and, under the interpretation, bases are closed 
under exponentials, we get for every a £ A a function a a : Y Ba — > Y such that 
S a (s,cr a (s)) for all s £ Y Ba . This gives Y the structure of a P/-algebra and 
hence we get a function g: Wf — > Y such that g(sup a (t)) = a a {g o t). 

Set h = p o g. For every sup a (£) £ Wf we have that S a (g ° t, cr a (g ° t)), hence 
Ra{p° 9 °t,p(cTa(g °t))) and R a (hot,h(sup a (t))) as desired. 



16 



The principle is also validated if X is a class, but here we only sketch the argu- 
ment. First note that the relativised principle is valid in type theory (the proof 
of [TH Theorem 7.2] never uses the fact that X is a small type). Observe also 
that the interpretation of CZF in MLnyV validates the statement that Wf is 
injectively presented (see the Lemma on page 47 of Hence the statement 
follows as in Theorem 5.6]. □ 



6.2 First proof 

The aim of this subsection is to prove: 

Theorem 6.3 Full NID follows from the axiom of dependent choice for W- 
types, the presentation axiom and usREA. 

We need to define usREA. 

Definition 6.4 A set U is regular if it is transitive, i.e., a G b 6 U implies 
a G U, and for each a G U and total relation R from a to U there exists b G U 
such that 

(Vx G a) (3y G 6) i?(x, y) A (Vy £ 6) (3a; G a) J2(x, y). 

The set U is union-closed, if for every x G £/ also (J x G J7. And U is called 
separative, if for any a,b € U also {0 : a C 6} G U. 

The axiom usREA states: every set is a subset of a union-closed regular 
separative set. 

Proof. (Of Theorem l6.31 ) Suppose 1Z is a non-deterministic inductive definition 
on a set X. 

First, let 

(a,b)eTl 

be the first projection. Using Lemma 16.11 we find a base map h and a collection 
square of the form: 



h 



(2) 



c >n. 



We will write incli:C — >• C + 1 for the inclusion into the first component, 
/ = inch o h: D -> C + 1 and W = Wf. 

Next, let U be a set which is regular, union-closed and separative, and contains 
K, {x} for all x G X, D c for all c G C and Wf. 
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Lemma 6.5 Let u £U . 



1. Ift:u—>U is any map with u£U , then Im(t) G U and ljlm(i) G U. 

2. Tl u = {(a, b) G K : a C u} G U. 

Proof. The first point follows immediately from the fact that U is regular and 
union-closed. 

To show the second point, observe that if a G U, then {(a, b) :a C u} G U : 
because U is separative and regular. Hence we have a function t:TZ — > U which 
sends (a, b) G 1Z to {(a, 6) : a G u}. But then it follows from the first point that 
K u = U Im(t) G U . □ 

We claim that 

E = e [/ : k is closed under 7?.} 

generates C\os-ji(X). To show this, let Y be 72.-closed and y G Y. Our aim to is 
to construct a c G £ such that y G <r and u C 7. We will construct this set <r 
just after equation (|3|). 

Write 

P = Pow c/ (F) ={m6(7:hC y} 

and 

T ={(«,»): (V(o,6) G 7^)6() «}. 
Lemma 6.6 (Vit G P) (3« G P) (u,u) G T. 

Proof. Suppose it 6 P, so it £ f/ and u C F. Since F is 7£.-closed, we have: 

(V(a, 6) G 7e u ) (3/3 G 17) p G 6 n F. 
Since TZ U G C/ and U is regular, there is a u G C7 with v C F such that 

(V(o, 6) G (3/3 G «) jfl G 6 n Y. 
This proves the lemma. □ 

We are now ready to apply the axiom for dependent choice for W-types to Wf . 

The set is P. i?„ C 1 x P consists only of the pair (*,{?/})• For every 
c G C, the relation R c C P Dc x P consists of those pairs (</>, u) such 
that (|JIm(0),ii) G T. 
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By the lemma we just proved all the relations here are total, so the axiom of 
dependent choice for W-types gives us a map (f>: Wf — > P such that for every 
sup c (i) G Wf we have 

(^ot,0( B up c (t))) G Rc. (3) 

Let a: = (J Im(</>) G U . By construction, a £ U , y £ a and a £Y. So it remains 
to show that a £ E, that is, that a is 7?.-closed. 

Suppose a £ a and (a, i>) £ 1Z. We need to show that <x $ i>. Our assumption 
a C cr = (J Im((j>) means that 

(Van G a) (3to £ W/) cc £ (£(«;). 

Then, because © is a collection square, we obtain a c G C and a map t: D c — > 
Wf such that 

(Vd£D c )q{d) £(c/)ot)(d), 
and therefore a C (J lm(0 o f). 
Also, for sup c (t) G W/ we have 

(0 o t, <p(su.p c (t)) £ R c , 

hence ((Jlm(0 o t), 0(sup c (t)) G T. But then, by definition of T, we get 
0(sup c (i)) Because 0(sup c (t)) C |JIm(0) = cr, the proof is finished. 
□ 



6.3 Second proof 

The proof in the previous subsection establishes a result which is weaker than 
desired, because it relies on the existence of universes. In the present section we 
eliminate these and replace them in favour of the relativised dependent choice 
axiom for W-types. A first step towards this goal is isolating all the uses of 
the regular universe in one proposition. We continue to use the same notation. 
So A is a set and 1Z is a non-dctcrministic inductive definition on A. Also the 
maps /, g and h are as before. 

Lemma 6.7 There is a set V C Pow(A) such that: 

1. V contains all singletons. 

2. If t: D c — S> V is any map, then (Jlm(t) G V . 

3. If for some u £ V and A £ X , we have (V(a, b) £ 1Z U ) (3x £ A) x £ b, 
then there is a v £ V with v £ A such that (V(a, b) £ IZ U ) (3x £ v) x £ b. 
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Proof. Let U be a big set which is regular, union-closed and separative and 
which contains 7Z, {x} for all x £ X and D c for all c G C . Then it follows from 
Lemma 1531 that V = {u £ U : u C X} has all the desired properties. □ 

To show that this collects all the uses of the universe that we need, we are 
now going to prove that Lemma 16 . 71 together with the axiom of dependent choice 
from W- types to sets is sufficient for establishing full NID. 

So let 

A = {k: Wf ->■ V : (Vsup c (t) £ Wf) (k o t, fe(sup c (t))) £ R c } 
S = {(Jlm(fc): k £ A} 

where (0, u) £ R c iff ((J Im(^>), u) £ T and TCPxP consists of those pairs 
(it, u) such that 

(V(a, b) £K u )v§ b. 



Lemma 6.8 S C Clos K (X). 

Proof. Suppose a £ E, so a = IJIm(fe) for some k £ A, and a £ a for some 
(o, b) £ 1Z. Hence 

(Vac G a) (3w G W/) x G fc(io). 

By the collection square property, we obtain a c G C and a map t: D c —¥ Wf 
such that 

(Vd G D c )g(d) G (kot)(d). 

It follows that a C (J Im(fc o t). For u; = sup c t we have that (k o t, k(w)) £ R c 
and therefore ((J Im(fcot), G 7" and k(w) 6. Since C cr, this hnishes 

the proof. □ 



Lemma 6.9 S generates C1os-r.(X). 

Proof. Suppose Y £ X is ft-closed and y £ Y. Let P = {u £ V : u C Y}. We 
first show that 

(VmgP) (3v£P) (u,v)£T. 

So let u £ P, that is, u £ V and u £Y . Since Y is Tvl-closed and u C Y, we 
have: 

(V(o,6) G Tl u ) (3x £ Y) x £ b. 

Precisely for this quantifier combination, V satisfies a fullness property: so we 
obtain aueP with v £Y such that: 

(V(a,6) G ft„) (3x £ v) x £ b. 



20 



This is precisely what we want. 

We are now going to apply dependent choice for W-types. 

The set is P. P» C 1 x P consists just of the pair (*, {y}). For every 
c G C, we take the relation R c C P Dc x P. 

What we proved above shows that all relations R c are total. The axiom of 
dependent choice for W-types now gives us a map k: Wf — > P in A. So 
a = IJIm(fc) 6 S. Moreover, y G a and a C Y by construction. □ 

We are now going to give a different proof of Lemma l6.7l using the axiom of 
relativised dependent choice for W-types as in Theorem l6.2l Recall that Lemma 
16.71 says: 

Lemma 6.10 There is a set V C Pow(X) such that: 

1. V contains all singletons. 

2. Ift: D c ^fV is any map, then ljlm(t) G V . 

3. If for some u G V and A C X, we have (V(a, b) G TZ U ) (3x E A)x E b, 
then there is a v E V with v <Z A, such that (V(a, b) G 1Z U ) (3x £ v) x G b. 

We first apply Lemma 101 to construct a base map k and a collection square 

F — ^— > D 

k h 

E >C. 

Then we let <j>: F + {0} -)• E + {0, 1} be k + I with i. {0} {0, 1} the map 
sending to 0. Write P — Pow(Pow(X)) and define T> C P x P to consists of 
those pairs (U, V) G P 2 such that 

for every u G U and A C X, if we have (V(a, b) G 7£u) (3x ei)iet, 
then there is a t> G V with t> G A, such that (V(a, 6) G 1Z U ) (3x G 
d)ig!i. 

We wish to apply the axiom of relativised dependent choice for W-types to 
obtain a map from Wa to P. 

The class is P = Pow(Pow(X)). Rx C 1 x P consists just of the pair 
(*, {{a;} : a; G X}). R C P x P is D. And, finally, for every e G P, 
we take the relation R e G P Fe x P to consist of all (0, U) such that 

P = {|Jlm(m: P e Pow(X)) : (V/ G P e ) m(/) G 0(/)}. 
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We first need to check that all relations here are total. 
Lemma 6.11 (VU £ P) (3V £ P) (U, V) G V. 

Proof. Fullness gives us, for every u G U, a set V such that for all A C X, if we 
have (V(a, b) G 1Z U ) (3x £ A) x £ b, then there is a. v £ V with v C A, such that 
(V(a, 6) G 7?. u ) (3x G u) x G b. Applying the collection axiom to this statement 
and U yields the desired conclusion. □ 

So the relativised dependent choice axiom for W-types gives us a map 
p:Wcf> — > Pow(Pow(A)). Let V = Ulm(p). V clearly satisfies properties 1 
and 3, hence we only check property 2. 

Lemma 6.12 V satisfies property 2. 

Proof. Suppose s: Z? c — > "P is any map. Then 

(Vd G D c ) (3w G W^,) s{d) G p{w). 

By the collection square property, there is an e G E together with a map i: F e — > 
W<f, such that 

(V/ef )(*or)(/)e(po <)(/). 

Then 1J Im(s) = 1J Im(s o r) G T 5 . □ 
We conclude: 

Theorem 6.13 Full NID follows from the presentation axiom and the axiom 
of relativised dependent choice for W-types. 

Corollary 6.14 The NID principle is valid on the type-theoretic interpretation 
of CZF in ML 1W V. 

7 Comparison with related work 

Originally this section was devoted to comparing the NID principle to some ideas 
developed by Peter Aczel and Hajimc Ishihara in slides for talks and unpublished 
notes. However, after the author submitted this paper, their ideas coalesced in 
the SGA principle and the preprint [5], written together with Takako Nemoto 
and Yasushi Sangu. So now it makes more sense to relate our work with what 
happens in [B]. 

As it turns out, the relationship is very close: their SGA principle is equiv- 
alent to finitary NID. This section will be devoted to a proof of this fact. 
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Definition 7.1 Let S be a set and X be a subclass of Pow(S'). Recall that X 
is set-generated, if there is a set GCI such that 

(Vq G X) (Vs G a) (3/3 G G) s G /3 C a. 

X will be called strongly set-generated, if there is a set GCX such that 

(Va € X) € Finpow(a)) (3/3 6 G) cr C (3 C a. 

Here Finpow(a) is the set of finite subsets of a (see Remark l2TTj) . 

Definition 7.2 The set generated axiom (abbreviated as SGA) is a principle 
which says that for each set S and each subset Z of Finpow(5) x Pow(Pow(5)), 
the class 

M{Z): = {a G Pow(S) : (V(cr,r) G Z) a C a -> (3Z7 G T) 17 C a} 
is strongly set-generated. 

Theorem 7.3 SGA and finitary NID are equivalent in CZF. 

Proof. It is easy to see that SGA implies finitary NID: for if 1Z is a set of 
finitary, non-deterministic rules on a set S, we put 

Z: = {(a, {{x} : x G b}) : (a, b) G K}. 

Then CIosk(S') = Ai(Z), so SGA implies that C1ostj.(5) is set-generated. 

We now prove the converse. Let S be a set and Z C Finpow(5) x Pow(Pow(S*)). 
Write 

S* : = |J{r : (cr, r) G Z} U Finpow(S') C Paw(S) 

(which is a set by the union and replacement axioms) and consider the following 
finitary, non-deterministic definition 1Z on S*: 

■f=r (cr, r 6 Z 77 — ueU £ S* r^j cr G Finpow(S) 

T {{w}} {cr} 

By finitary NID, there is a set G* which generates C\os-jz(S*). Put 

G:={{seS: {s} G 7} 17 G G*}. 

We first prove G C M(Z). So suppose a = {{s G S* : {s} G 7} with 7 G G*, 
and suppose (cr, r) G Z with cr C a. This implies that for every s G cr we have 
{s} G 7. Hence we have a G 7 by applying the third rule. Then, by the first 
rule, we know that there is a set U G 7 with £7 G T. So it follows by the second 
rule that for every u G U we have {u} G 7, whence u G a. So U C a, as desired. 
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Now we prove that G strongly generates M(Z). Suppose a G M{Z) and a G 
Finpow(a). We need to find a f3 G G with a C f3 C a. To this purpose, consider 

7: = S* n Pow(a) 

(which is a set by bounded separation). It is easy to see that 7 belongs to 
Closes'*). So because G* generates, there is an element 6 £ G* with <5 C 7 
and tr G 5. Write 

f3: = {s £ S : {s} E 6}. 

By construction, (3 £ G. Moreover, a C /3, for if s G cr, then we have {s} G S, 
because a £ 5 and 6 is closed under the second rule; therefore s G /? by defini- 
tion. And, finally, we have /3 C a, because if s G /?, then {s} G S C 7 G Pow(a); 
hence s G a. □ 



Corollary 7.4 The axiom of relativised dependent choice RDC implies finitary 
NID. Hence finitary NID is validated on the type-theoretic interpretation o/CZF 
in MLiV. 

Proof. The first statement follows from the previous result in combination with 
Theorem 5.1 in [6]. The second statement follows from the fact that RDC is 
validated on the type-theoretic interpretation of CZF in MLiV (see [2] and 

USD- ^ □ 



Remark 7.5 Since CZF and MLiV have the same proof-theoretic strength 
(see [H]), it follows that finitary NID does not increase the proof-theoretic 
strength of CZF. 

On the other hand, it seems plausible that CZF extended with the statement 
that all W-types exist has the same proof-theoretic strength as MLivi/V and 
CZF + REA. If that is true, then it would follow from Theorem 13.71 and 
Corollary 16.141 that CZF + NID also has this strength; consequently, CZF 
+ NID would proof-theoretically be a much stronger system than CZF, and 
finitary NID would not imply full NID. 



8 Conclusion and open questions 

We have introduced a new proof principle, the NID principle, and shown how 
it can be used to obtain results in the context of the constructive set theory 
CZF, especially in formal topology. We are convinced that these results cannot 
be obtained in CZF extended with either REA or a combination of AMC and 
WS, but we do not have a proof of this fact. 
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We also believe that elementary NID cannot be proved in CZF and that 
elementary NID does not imply finitary NID, but also here we lack proofs. An- 
other question which we have left open is whether the NID principle is stable 
under such constructions from algebraic set theory as exact completion, realiz- 
ability and sheaves. Again, this seems to us very likely to be true, but we have 
not tried very hard to find proofs. 
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